Data Driven Authentication: On the Effectiveness of User Behaviour Modelling with Mobile Device Sensors

We propose a lightweight, and temporally and spatially aware user behaviour modelling technique for sensor-based authentication. Operating in the background, our data driven technique compares current behaviour with a user profile. If the behaviour deviates sufficiently from the established norm, actions such as explicit authentication can be triggered. To support a quick and lightweight deployment, our solution automatically switches from training mode to deployment mode when the user's behaviour is sufficiently learned. Furthermore, it allows the device to automatically determine a suitable detection threshold. We use our model to investigate practical aspects of sensor-based authentication by applying it to three publicly available data sets, computing expected times for training duration and behaviour drift. We also test our model with scenarios involving an attacker with varying knowledge and capabilities.Comment: In Proceedings of the Third Workshop on Mobile Security Technologies (MoST) 2014 (http://arxiv.org/abs/1410.6674

A methodology for empirical analysis of permission-based security models and its application to android

Permission-based security models provide controlled access to various system resources. The expressiveness of the permission set plays an important role in providing the right level of granularity in access control. In this work, we present a methodology for the empirical analysis of permission-based security models which makes novel use of the Self-Organizing Map (SOM) algorithm of Kohonen (2001). While the proposed methodology may be applicable to a wide range of architectures, we analyze 1,100 Android applications as a case study. Our methodology is of independent interest for visualization of permissionbased systems beyond our present Android-specific empirical analysis. We offer some discussion identifying potential points of improvement for the Android permission model, attempting to increase expressiveness where needed without increasing the total number of permissions or overall complexity

Sensor use and usefulness: trade-offs for data-driven authentication on mobile devices

Abstract—Modern mobile devices come with an array of sen-sors that support many interesting applications. However, sensors have different sampling costs (e.g., battery drain) and benefits (e.g., accuracy) under different circumstances. In this work we investigate the trade-off between the cost of using a sensor and the benefit gained from its use, with application to data-driven authentication on mobile devices. Current authentication practice, where user behaviour is first learned from the sensor data and then used to detect anomalies, typically assumes a fixed sampling rate and does not consider the battery consumption and usefulness of sensors. In this work we study how battery consumption and sensor effectiveness (e.g., for detecting attacks) vary when using different sensors and different sensor sampling rates. We use data from both controlled lab studies, as well as field trials, for our experiments. We also propose an adaptive sampling technique that adjusts the sampling rate based on an expected device vigilance level. Our results show that it is possible to reduce the battery consumption tenfold without significantly impacting the detection of attacks. I